As for hacker attacks, Kaiser said the AMR uses tools to protect against unauthorized remote access, with security checks and audits within multiple layers of the system.

"We are committed to protecting our patients' privacy and fully complying with government privacy provisions. That is why we selected a system with state-of-the-art security, with many levels of password protection,"

Unfortunately, the regulations purported to shield this cornucopia of deeply personal information emerged as anti-privacy regulations...

For example, health care providers covered by these rules "must permit access" by the secretary of Health and Human Services to the covered entity's "facilities, books, records, accounts, and other sources of information, including protected health information." That means your individual medical records. If the HHS secretary so demands, the physician or other covered entity "must permit access by the secretary at any time and without notice." In a heartbeat your medical records thus may be put in the hands of federal officials, with no judicial process required.

That article also includes information on links between HIPAA and TIA.

Information on the Association of American Physicians and Surgeons lawsuit mentioned in the article is available here. A summary of their case is here.